CVE-2006-0816

2006-03-24T11:02:00
ID CVE-2006-0816
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:29:00

Description

Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL. Update to version 2.0.7 or contact the vendor for a patch.